/Gedemin/Common/Wcrypt2.pas
- {******************************************************************}
- { }
- { Borland Delphi Runtime Library }
- { Cryptographic API interface unit }
- { }
- { Portions created by Microsoft are }
- { Copyright (C) 1993-1998 Microsoft Corporation. }
- { All Rights Reserved. }
- { }
- { The original file is: wincrypt.h, 1992 - 1997 }
- { The original Pascal code is: wcrypt2.pas, released 01 Jan 1998 }
- { The initial developer of the Pascal code is }
- { Massimo Maria Ghisalberti (nissl@dada.it) }
- { }
- { Portions created by Massimo Maria Ghisalberti are }
- { Copyright (C) 1997-1998 Massimo Maria Ghisalberti }
- { }
- { Contributor(s): }
- { Peter Tang (peter.tang@citicorp.com) }
- { Phil Shrimpton (phil@shrimpton.co.uk) }
- { }
- { Obtained through: }
- { }
- { Joint Endeavour of Delphi Innovators (Project JEDI) }
- { }
- { You may retrieve the latest version of this file at the Project }
- { JEDI home page, located at http://delphi-jedi.org }
- { }
- { The contents of this file are used with permission, subject to }
- { the Mozilla Public License Version 1.1 (the "License"); you may }
- { not use this file except in compliance with the License. You may }
- { obtain a copy of the License at }
- { http://www.mozilla.org/MPL/MPL-1.1.html }
- { }
- { Software distributed under the License is distributed on an }
- { "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or }
- { implied. See the License for the specific language governing }
- { rights and limitations under the License. }
- { }
- {******************************************************************}
-
- unit wcrypt2;
-
- {.$DEFINE NT5}
-
- {$ALIGN ON}
-
- {$IFNDEF VER90}
- {$WEAKPACKAGEUNIT}
- {$ENDIF}
-
- interface
-
- uses
- Windows
- {$IFDEF VER90}
- ,Ole2
- {$ENDIF};
-
- const
- ADVAPI32 = 'advapi32.dll';
- CRYPT32 = 'crypt32.dll';
- SOFTPUB = 'softpub.dll';
- {$IFDEF NT5}
- ADVAPI32NT5 = 'advapi32.dll';
- {$ENDIF}
-
- {Support Type}
-
- type
- PVOID = Pointer; // untyped pointer, the Pascal stand-in for C's void*
- LONG = DWORD; // NOTE(review): Win32 LONG is a signed 32-bit integer while DWORD is unsigned - confirm no caller depends on the sign
- {$IFDEF UNICODE}
- LPAWSTR = PWideChar; // string pointer used by the A/W-neutral prototypes: wide when UNICODE is defined
- {$ELSE}
- LPAWSTR = PAnsiChar; // string pointer used by the A/W-neutral prototypes: ANSI when UNICODE is not defined
- {$ENDIF}
-
- //-----------------------------------------------------------------------------
- // Stand-ins for C double-pointer parameters (type **name). All are untyped, so the compiler checks neither element type nor element count; the caller must.
- PLPSTR = Pointer; // pointer to an array of pointers (C: LPSTR *)
- PPCERT_INFO = Pointer; // pointer to an array of pointers (C: PCERT_INFO *)
- PPVOID = Pointer; // pointer to an array of pointers (C: PVOID *)
- PPCCERT_CONTEXT = Pointer; // pointer to an array of pointers (C: PCCERT_CONTEXT *)
- PPCCTL_CONTEXT = Pointer; // pointer to an array of pointers (C: PCCTL_CONTEXT *)
- PPCCRL_CONTEXT = Pointer; // pointer to an array of pointers (C: PCCRL_CONTEXT *)
- //-----------------------------------------------------------------------------
-
- //+---------------------------------------------------------------------------
- //
- // Microsoft Windows
- // Copyright (C) Microsoft Corporation, 1992 - 1997.
- //
- // File: wincrypt.h
- //
- // Contents: Cryptographic API Prototypes and Definitions
- //
- //----------------------------------------------------------------------------
-
-
- //
- // Algorithm IDs and Flags
- //
-
- // ALG_ID crackers
- function GET_ALG_CLASS(x:integer) :integer; // presumably returns the class field of an ALG_ID (ALG_CLASS_* values are multiples of 1 shl 13); the body is not in the interface section
- function GET_ALG_TYPE(x:integer) :integer; // presumably returns the type field of an ALG_ID (ALG_TYPE_* values are multiples of 1 shl 9)
- function GET_ALG_SID(x:integer) :integer; // presumably returns the sub-id field of an ALG_ID (ALG_SID_* values sit in the low bits)
-
- Const
- // Algorithm classes
- ALG_CLASS_ANY = 0;
- ALG_CLASS_SIGNATURE = (1 shl 13);
- ALG_CLASS_MSG_ENCRYPT = (2 shl 13);
- ALG_CLASS_DATA_ENCRYPT = (3 shl 13);
- ALG_CLASS_HASH = (4 shl 13);
- ALG_CLASS_KEY_EXCHANGE = (5 shl 13);
-
- // Algorithm types
- ALG_TYPE_ANY = 0;
- ALG_TYPE_DSS = (1 shl 9);
- ALG_TYPE_RSA = (2 shl 9);
- ALG_TYPE_BLOCK = (3 shl 9);
- ALG_TYPE_STREAM = (4 shl 9);
- ALG_TYPE_DH = (5 shl 9);
- ALG_TYPE_SECURECHANNEL = (6 shl 9);
-
- // Generic sub-ids
- ALG_SID_ANY = 0;
-
- // Some RSA sub-ids
- ALG_SID_RSA_ANY = 0;
- ALG_SID_RSA_PKCS = 1;
- ALG_SID_RSA_MSATWORK = 2;
- ALG_SID_RSA_ENTRUST = 3;
- ALG_SID_RSA_PGP = 4;
-
- // Some DSS sub-ids
- ALG_SID_DSS_ANY = 0;
- ALG_SID_DSS_PKCS = 1;
- ALG_SID_DSS_DMS = 2;
-
- // Block cipher sub ids
- // DES sub_ids
- ALG_SID_DES = 1;
- ALG_SID_3DES = 3;
- ALG_SID_DESX = 4;
- ALG_SID_IDEA = 5;
- ALG_SID_CAST = 6;
- ALG_SID_SAFERSK64 = 7;
- ALD_SID_SAFERSK128 = 8;
- ALG_SID_SAFERSK128 = 8;
- ALG_SID_3DES_112 = 9;
- ALG_SID_CYLINK_MEK = 12;
- ALG_SID_RC5 = 13;
-
- // Fortezza sub-ids
- ALG_SID_SKIPJACK = 10;
- ALG_SID_TEK = 11;
-
- // KP_MODE
- CRYPT_MODE_CBCI = 6; {ANSI CBC Interleaved}
- CRYPT_MODE_CFBP = 7; {ANSI CFB Pipelined}
- CRYPT_MODE_OFBP = 8; {ANSI OFB Pipelined}
- CRYPT_MODE_CBCOFM = 9; {ANSI CBC + OF Masking}
- CRYPT_MODE_CBCOFMI = 10; {ANSI CBC + OFM Interleaved}
-
- // RC2 sub-ids
- ALG_SID_RC2 = 2;
-
- // Stream cipher sub-ids
- ALG_SID_RC4 = 1;
- ALG_SID_SEAL = 2;
-
- // Diffie-Hellman sub-ids
- ALG_SID_DH_SANDF = 1;
- ALG_SID_DH_EPHEM = 2;
- ALG_SID_AGREED_KEY_ANY = 3;
- ALG_SID_KEA = 4;
-
- // Hash sub ids
- ALG_SID_MD2 = 1;
- ALG_SID_MD4 = 2;
- ALG_SID_MD5 = 3;
- ALG_SID_SHA = 4;
- ALG_SID_SHA1 = 4;
- ALG_SID_MAC = 5;
- ALG_SID_RIPEMD = 6;
- ALG_SID_RIPEMD160 = 7;
- ALG_SID_SSL3SHAMD5 = 8;
- ALG_SID_HMAC = 9;
-
- // secure channel sub ids
- ALG_SID_SSL3_MASTER = 1;
- ALG_SID_SCHANNEL_MASTER_HASH = 2;
- ALG_SID_SCHANNEL_MAC_KEY = 3;
- ALG_SID_PCT1_MASTER = 4;
- ALG_SID_SSL2_MASTER = 5;
- ALG_SID_TLS1_MASTER = 6;
- ALG_SID_SCHANNEL_ENC_KEY = 7;
-
- // Our silly example sub-id
- ALG_SID_EXAMPLE = 80;
-
- {$IFNDEF ALGIDDEF}
- {$DEFINE ALGIDDEF}
- Type ALG_ID = ULONG;
- {$ENDIF}
-
- // algorithm identifier definitions: each CALG_* value is (class or type or sub-id). Many entries are legacy algorithms kept for interoperability; see the per-line notes before choosing one for new code.
- Const
- CALG_MD2 = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_MD2); // legacy hash, not collision resistant
- CALG_MD4 = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_MD4); // legacy hash, not collision resistant
- CALG_MD5 = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_MD5); // legacy hash, not collision resistant; avoid for signatures and certificates
- CALG_SHA = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_SHA); // same value as CALG_SHA1 (ALG_SID_SHA = ALG_SID_SHA1 = 4)
- CALG_SHA1 = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_SHA1); // SHA-1: collisions are practical; avoid for new signatures
- CALG_MAC = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_MAC);
- CALG_RSA_SIGN = (ALG_CLASS_SIGNATURE or ALG_TYPE_RSA or ALG_SID_RSA_ANY);
- CALG_DSS_SIGN = (ALG_CLASS_SIGNATURE or ALG_TYPE_DSS or ALG_SID_DSS_ANY);
- CALG_RSA_KEYX = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_RSA or ALG_SID_RSA_ANY);
- CALG_DES = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_DES); // single DES: 56-bit key, brute-forceable
- CALG_3DES_112 = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_3DES_112); // two-key triple DES
- CALG_3DES = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_3DES); // 64-bit block; limit the data encrypted under one key
- CALG_RC2 = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_RC2); // legacy cipher; strength depends on KP_EFFECTIVE_KEYLEN
- CALG_RC4 = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_STREAM or ALG_SID_RC4); // legacy stream cipher with known keystream biases; never reuse a key
- CALG_SEAL = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_STREAM or ALG_SID_SEAL);
- CALG_DH_SF = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_DH or ALG_SID_DH_SANDF);
- CALG_DH_EPHEM = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_DH or ALG_SID_DH_EPHEM);
- CALG_AGREEDKEY_ANY = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_DH or ALG_SID_AGREED_KEY_ANY);
- CALG_KEA_KEYX = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_DH or ALG_SID_KEA);
- CALG_HUGHES_MD5 = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_ANY or ALG_SID_MD5);
- CALG_SKIPJACK = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_SKIPJACK);
- CALG_TEK = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_TEK);
- CALG_CYLINK_MEK = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_CYLINK_MEK);
- CALG_SSL3_SHAMD5 = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_SSL3SHAMD5);
- CALG_SSL3_MASTER = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_SSL3_MASTER);
- CALG_SCHANNEL_MASTER_HASH = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_SCHANNEL_MASTER_HASH);
- CALG_SCHANNEL_MAC_KEY = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_SCHANNEL_MAC_KEY);
- CALG_SCHANNEL_ENC_KEY = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_SCHANNEL_ENC_KEY);
- CALG_PCT1_MASTER = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_PCT1_MASTER); // PCT 1.0 is an obsolete protocol
- CALG_SSL2_MASTER = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_SSL2_MASTER); // SSL 2.0 is an obsolete protocol
- CALG_TLS1_MASTER = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_TLS1_MASTER);
- CALG_RC5 = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_RC5);
- CALG_HMAC = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_HMAC); // keyed hash; configure it with HMAC_INFO through HP_HMAC_INFO
-
- type
- PVTableProvStruc = ^VTableProvStruc;
- VTableProvStruc = record
- Version :DWORD;
- FuncVerifyImage :TFarProc;
- FuncReturnhWnd :TFarProc;
- dwProvType :DWORD;
- pbContextInfo :PBYTE;
- cbContextInfo :DWORD;
- end;
-
- //type HCRYPTPROV = ULONG;
- //type HCRYPTKEY = ULONG;
- //type HCRYPTHASH = ULONG;
-
-
- const
- // dwFlags definitions for CryptAcquireContext
- CRYPT_VERIFYCONTEXT = $F0000000; // context without access to persisted private keys; suits hashing, verification and ephemeral session keys
- CRYPT_NEWKEYSET = $00000008; // create the named key container
- CRYPT_DELETEKEYSET = $00000010; // delete the named key container together with its keys
- CRYPT_MACHINE_KEYSET = $00000020; // use the per-machine container store instead of the per-user one; review the container's ACL
-
- // dwFlag definitions for CryptGenKey
- CRYPT_EXPORTABLE = $00000001; // key may later leave the provider through CryptExportKey; omit unless export is required
- CRYPT_USER_PROTECTED = $00000002; // ask the provider to involve the user when the key is used
- CRYPT_CREATE_SALT = $00000004;
- CRYPT_UPDATE_KEY = $00000008;
- CRYPT_NO_SALT = $00000010; // same numeric value as CRYPT_RECIPIENT below
- CRYPT_PREGEN = $00000040; // same numeric value as CRYPT_INITIATOR below
- CRYPT_RECIPIENT = $00000010;
- CRYPT_INITIATOR = $00000040;
- CRYPT_ONLINE = $00000080;
- CRYPT_SF = $00000100;
- CRYPT_CREATE_IV = $00000200;
- CRYPT_KEK = $00000400; // same numeric value as CRYPT_SERVER below
- CRYPT_DATA_KEY = $00000800;
-
- // dwFlags definitions for CryptDeriveKey
- CRYPT_SERVER = $00000400;
-
- KEY_LENGTH_MASK = $FFFF0000; // selects the upper 16 bits of dwFlags, where the requested key length in bits is passed
-
- // dwFlag definitions for CryptExportKey
- CRYPT_Y_ONLY = $00000001;
- CRYPT_SSL2_SLUMMING = $00000002;
-
- // dwFlags definitions for CryptHashSessionKey
- CRYPT_LITTLE_ENDIAN = $00000001;
-
- // dwFlag definitions for CryptSetProviderEx and CryptGetDefaultProvider
- CRYPT_MACHINE_DEFAULT = $00000001;
- CRYPT_USER_DEFAULT = $00000002;
- CRYPT_DELETE_DEFAULT = $00000004;
-
- // exported key blob definitions
- SIMPLEBLOB = $1; // session key encrypted under the recipient's key-exchange key
- PUBLICKEYBLOB = $6; // public half only
- PRIVATEKEYBLOB = $7; // full key pair; treat the blob as secret and wipe the buffer after use
- PLAINTEXTKEYBLOB = $8; // symmetric key in the clear; treat the blob as secret and wipe the buffer after use
- AT_KEYEXCHANGE = 1; // key-exchange key pair of a container
- AT_SIGNATURE = 2; // signature key pair of a container
- CRYPT_USERDATA = 1;
-
- // dwParam
- KP_IV = 1; // Initialization vector
- KP_SALT = 2; // Salt value
- KP_PADDING = 3; // Padding values
- KP_MODE = 4; // Mode of the cipher
- KP_MODE_BITS = 5; // Number of bits to feedback
- KP_PERMISSIONS = 6; // Key permissions DWORD
- KP_ALGID = 7; // Key algorithm
- KP_BLOCKLEN = 8; // Block size of the cipher
- KP_KEYLEN = 9; // Length of key in bits
- KP_SALT_EX = 10; // Length of salt in bytes
- KP_P = 11; // DSS/Diffie-Hellman P value
- KP_G = 12; // DSS/Diffie-Hellman G value
- KP_Q = 13; // DSS Q value
- KP_X = 14; // Diffie-Hellman X value
- KP_Y = 15; // Y value
- KP_RA = 16; // Fortezza RA value
- KP_RB = 17; // Fortezza RB value
- KP_INFO = 18; // for putting information into an RSA envelope
- KP_EFFECTIVE_KEYLEN = 19; // setting and getting RC2 effective key length
- KP_SCHANNEL_ALG = 20; // for setting the Secure Channel algorithms
- KP_CLIENT_RANDOM = 21; // for setting the Secure Channel client random data
- KP_SERVER_RANDOM = 22; // for setting the Secure Channel server random data
- KP_RP = 23;
- KP_PRECOMP_MD5 = 24;
- KP_PRECOMP_SHA = 25;
- KP_CERTIFICATE = 26; // for setting Secure Channel certificate data (PCT1)
- KP_CLEAR_KEY = 27; // for setting Secure Channel clear key data (PCT1)
- KP_PUB_EX_LEN = 28;
- KP_PUB_EX_VAL = 29;
-
- // KP_PADDING
- PKCS5_PADDING = 1; {PKCS 5 (sec 6.2) padding method}
- RANDOM_PADDING = 2;
- ZERO_PADDING = 3; // NOTE(review): zero fill cannot be told apart from trailing zero bytes of the plaintext; carry the length separately if this is used
-
- // KP_MODE
- CRYPT_MODE_CBC = 1; // Cipher block chaining; needs a fresh, unpredictable KP_IV per message and gives no integrity on its own
- CRYPT_MODE_ECB = 2; // Electronic code book; equal plaintext blocks give equal ciphertext blocks, so avoid it for multi-block data
- CRYPT_MODE_OFB = 3; // Output feedback mode; never reuse a key/IV pair
- CRYPT_MODE_CFB = 4; // Cipher feedback mode; feedback width is set through KP_MODE_BITS
- CRYPT_MODE_CTS = 5; // Ciphertext stealing mode
-
- // KP_PERMISSIONS
- CRYPT_ENCRYPT = $0001; // Allow encryption
- CRYPT_DECRYPT = $0002; // Allow decryption
- CRYPT_EXPORT = $0004; // Allow key to be exported
- CRYPT_READ = $0008; // Allow parameters to be read
- CRYPT_WRITE = $0010; // Allow parameters to be set
- CRYPT_MAC = $0020; // Allow MACs to be used with key
- CRYPT_EXPORT_KEY = $0040; // Allow key to be used for exporting keys
- CRYPT_IMPORT_KEY = $0080; // Allow key to be used for importing keys
-
- HP_ALGID = $0001; // Hash algorithm
- HP_HASHVAL = $0002; // Hash value
- HP_HASHSIZE = $0004; // Hash value size
-
- HP_HMAC_INFO = $0005; // information for creating an HMAC
-
- CRYPT_FAILED = FALSE;
- CRYPT_SUCCEED = TRUE;
-
- function RCRYPT_SUCCEEDED(rt:BOOL):BOOL;
- function RCRYPT_FAILED(rt:BOOL):BOOL;
-
- const
- // CryptGetProvParam
- PP_ENUMALGS = 1;
- PP_ENUMCONTAINERS = 2;
- PP_IMPTYPE = 3;
- PP_NAME = 4;
- PP_VERSION = 5;
- PP_CONTAINER = 6;
- PP_CHANGE_PASSWORD = 7;
- PP_KEYSET_SEC_DESCR = 8; // get/set security descriptor of keyset
- PP_CERTCHAIN = 9; // for retrieving certificates from tokens
- PP_KEY_TYPE_SUBTYPE = 10;
- PP_PROVTYPE = 16;
- PP_KEYSTORAGE = 17;
- PP_APPLI_CERT = 18;
- PP_SYM_KEYSIZE = 19;
- PP_SESSION_KEYSIZE = 20;
- PP_UI_PROMPT = 21;
- PP_ENUMALGS_EX = 22;
- CRYPT_FIRST = 1;
- CRYPT_NEXT = 2;
- CRYPT_IMPL_HARDWARE = 1;
- CRYPT_IMPL_SOFTWARE = 2;
- CRYPT_IMPL_MIXED = 3;
- CRYPT_IMPL_UNKNOWN = 4;
-
- // key storage flags
- CRYPT_SEC_DESCR = $00000001;
- CRYPT_PSTORE = $00000002;
- CRYPT_UI_PROMPT = $00000004;
-
- // protocol flags
- CRYPT_FLAG_PCT1 = $0001;
- CRYPT_FLAG_SSL2 = $0002;
- CRYPT_FLAG_SSL3 = $0004;
- CRYPT_FLAG_TLS1 = $0008;
-
- // CryptSetProvParam
- PP_CLIENT_HWND = 1;
- PP_CONTEXT_INFO = 11;
- PP_KEYEXCHANGE_KEYSIZE = 12;
- PP_SIGNATURE_KEYSIZE = 13;
- PP_KEYEXCHANGE_ALG = 14;
- PP_SIGNATURE_ALG = 15;
- PP_DELETEKEY = 24;
-
- PROV_RSA_FULL = 1;
- PROV_RSA_SIG = 2;
- PROV_DSS = 3;
- PROV_FORTEZZA = 4;
- PROV_MS_EXCHANGE = 5;
- PROV_SSL = 6;
-
- PROV_RSA_SCHANNEL = 12;
- PROV_DSS_DH = 13;
- PROV_EC_ECDSA_SIG = 14;
- PROV_EC_ECNRA_SIG = 15;
- PROV_EC_ECDSA_FULL = 16;
- PROV_EC_ECNRA_FULL = 17;
- PROV_SPYRUS_LYNKS = 20;
-
-
- // STT defined Providers
- PROV_STT_MER = 7;
- PROV_STT_ACQ = 8;
- PROV_STT_BRND = 9;
- PROV_STT_ROOT = 10;
- PROV_STT_ISS = 11;
-
- // Provider friendly names
- MS_DEF_PROV_A = 'Microsoft Base Cryptographic Provider v1.0'; // NOTE(review): the Base provider is the export-era one with short default key lengths - confirm key sizes, or use MS_ENHANCED_PROV, before protecting real data
- {$IFNDEF VER90}
- MS_DEF_PROV_W = WideString( 'Microsoft Base Cryptographic Provider v1.0'); // wide-string form of the same provider name
- {$ELSE}
- MS_DEF_PROV_W = ( 'Microsoft Base Cryptographic Provider v1.0'); // VER90 branch: declared without the WideString cast
- {$ENDIF}
-
- {$IFDEF UNICODE}
- MS_DEF_PROV = MS_DEF_PROV_W; // A/W-neutral name follows the UNICODE define
- {$ELSE}
- MS_DEF_PROV = MS_DEF_PROV_A; // A/W-neutral name follows the UNICODE define
- {$ENDIF}
-
- MS_ENHANCED_PROV_A = 'Microsoft Enhanced Cryptographic Provider v1.0';
- {$IFNDEF VER90}
- MS_ENHANCED_PROV_W = WideString('Microsoft Enhanced Cryptographic Provider v1.0');
- {$ELSE}
- MS_ENHANCED_PROV_W = ('Microsoft Enhanced Cryptographic Provider v1.0');
- {$ENDIF}
-
- {$IFDEF UNICODE}
- MS_ENHANCED_PROV = MS_ENHANCED_PROV_W;
- {$ELSE}
- MS_ENHANCED_PROV = MS_ENHANCED_PROV_A;
- {$ENDIF}
-
- MS_DEF_RSA_SIG_PROV_A = 'Microsoft RSA Signature Cryptographic Provider';
- {$IFNDEF VER90}
- MS_DEF_RSA_SIG_PROV_W = WideString('Microsoft RSA Signature Cryptographic Provider');
- {$ELSE}
- MS_DEF_RSA_SIG_PROV_W = ('Microsoft RSA Signature Cryptographic Provider');
- {$ENDIF}
-
- {$IFDEF UNICODE}
- MS_DEF_RSA_SIG_PROV = MS_DEF_RSA_SIG_PROV_W;
- {$ELSE}
- MS_DEF_RSA_SIG_PROV = MS_DEF_RSA_SIG_PROV_A;
- {$ENDIF}
-
- MS_DEF_RSA_SCHANNEL_PROV_A = 'Microsoft Base RSA SChannel Cryptographic Provider';
- {$IFNDEF VER90}
- MS_DEF_RSA_SCHANNEL_PROV_W = WideString('Microsoft Base RSA SChannel Cryptographic Provider');
- {$ELSE}
- MS_DEF_RSA_SCHANNEL_PROV_W = ('Microsoft Base RSA SChannel Cryptographic Provider');
- {$ENDIF}
-
-
- {$IFDEF UNICODE}
- MS_DEF_RSA_SCHANNEL_PROV = MS_DEF_RSA_SCHANNEL_PROV_W;
- {$ELSE}
- MS_DEF_RSA_SCHANNEL_PROV = MS_DEF_RSA_SCHANNEL_PROV_A;
- {$ENDIF}
-
- MS_ENHANCED_RSA_SCHANNEL_PROV_A = 'Microsoft Enhanced RSA SChannel Cryptographic Provider';
- {$IFNDEF VER90}
- MS_ENHANCED_RSA_SCHANNEL_PROV_W = WideString('Microsoft Enhanced RSA SChannel Cryptographic Provider');
- {$ELSE}
- MS_ENHANCED_RSA_SCHANNEL_PROV_W = ('Microsoft Enhanced RSA SChannel Cryptographic Provider');
- {$ENDIF}
-
- {$IFDEF UNICODE}
- MS_ENHANCED_RSA_SCHANNEL_PROV = MS_ENHANCED_RSA_SCHANNEL_PROV_W;
- {$ELSE}
- MS_ENHANCED_RSA_SCHANNEL_PROV = MS_ENHANCED_RSA_SCHANNEL_PROV_A;
- {$ENDIF}
-
- MS_DEF_DSS_PROV_A = 'Microsoft Base DSS Cryptographic Provider';
- {$IFNDEF VER90}
- MS_DEF_DSS_PROV_W = WideString('Microsoft Base DSS Cryptographic Provider');
- {$ELSE}
- MS_DEF_DSS_PROV_W = ('Microsoft Base DSS Cryptographic Provider');
- {$ENDIF}
-
- {$IFDEF UNICODE}
- MS_DEF_DSS_PROV = MS_DEF_DSS_PROV_W;
- {$ELSE}
- MS_DEF_DSS_PROV = MS_DEF_DSS_PROV_A;
- {$ENDIF}
-
- MS_DEF_DSS_DH_PROV_A = 'Microsoft Base DSS and Diffie-Hellman Cryptographic Provider';
- {$IFNDEF VER90}
- MS_DEF_DSS_DH_PROV_W = WideString('Microsoft Base DSS and Diffie-Hellman Cryptographic Provider');
- {$ELSE}
- MS_DEF_DSS_DH_PROV_W = ('Microsoft Base DSS and Diffie-Hellman Cryptographic Provider');
- {$ENDIF}
-
- {$IFDEF UNICODE}
- MS_DEF_DSS_DH_PROV = MS_DEF_DSS_DH_PROV_W;
- {$ELSE}
- MS_DEF_DSS_DH_PROV = MS_DEF_DSS_DH_PROV_A;
- {$ENDIF}
-
- MAXUIDLEN = 64;
- CUR_BLOB_VERSION = 2;
-
- {structure passed to CryptSetHashParam (HP_HMAC_INFO) for a CALG_HMAC hash}
- type
- PHMAC_INFO = ^HMAC_INFO;
- HMAC_INFO = record
- HashAlgid :ALG_ID; // underlying hash algorithm, a CALG_* hash identifier
- pbInnerString :PBYTE; // inner pad bytes; NOTE(review): nil is documented to select the standard HMAC pad - confirm
- cbInnerString :DWORD; // byte count of pbInnerString
- pbOuterString :PBYTE; // outer pad bytes; NOTE(review): nil is documented to select the standard HMAC pad - confirm
- cbOuterString :DWORD; // byte count of pbOuterString
- end;
-
- // structure for use with CryptSetKeyParam with KP_SCHANNEL_ALG
- type
- PSCHANNEL_ALG = ^SCHANNEL_ALG;
- SCHANNEL_ALG = record
- dwUse :DWORD; // SCHANNEL_MAC_KEY or SCHANNEL_ENC_KEY
- Algid :ALG_ID; // algorithm selected for that use
- cBits :DWORD; // presumably the key size in bits - confirm against wincrypt.h
- end;
-
- // uses of algorithms for SCHANNEL_ALG structure
- const
- SCHANNEL_MAC_KEY = $00000000;
- SCHANNEL_ENC_KEY = $00000001;
-
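- type
- PPROV_ENUMALGS = ^PROV_ENUMALGS;
- // One algorithm entry as a provider reports it for PP_ENUMALGS (CryptGetProvParam).
- // The provider fills this record through a raw byte pointer, so its layout must match
- // the C structure exactly: three 32-bit fields followed by 20 single-byte characters.
- PROV_ENUMALGS = record
- aiAlgid :ALG_ID; // algorithm identifier (CALG_*)
- dwBitLen :DWORD; // length in bits reported for the algorithm
- dwNameLen :DWORD; // length of szName as reported by the provider
- szName :array[0..20-1] of AnsiChar; // AnsiChar, not Char: Char is two bytes wide on Unicode compilers and would shift the layout
- end ;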
-
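- type
- PPROV_ENUMALGS_EX = ^PROV_ENUMALGS_EX;
- // Extended algorithm entry as a provider reports it for PP_ENUMALGS_EX (CryptGetProvParam).
- // The provider fills this record through a raw byte pointer, so the name arrays must stay
- // single-byte; with a two-byte Char, dwLongNameLen and szLongName would be read from the wrong offsets.
- PROV_ENUMALGS_EX = record
- aiAlgid :ALG_ID; // algorithm identifier (CALG_*)
- dwDefaultLen :DWORD; // default key length in bits
- dwMinLen :DWORD; // smallest key length in bits the provider accepts
- dwMaxLen :DWORD; // largest key length in bits the provider accepts
- dwProtocols :DWORD; // presumably a mask of CRYPT_FLAG_* protocol bits - confirm against wincrypt.h
- dwNameLen :DWORD; // length of szName as reported by the provider
- szName :array[0..20-1] of AnsiChar; // short algorithm name, single-byte characters
- dwLongNameLen :DWORD; // length of szLongName as reported by the provider
- szLongName :array[0..40-1] of AnsiChar; // long algorithm name, single-byte characters
- end;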
-
- type
- PPUBLICKEYSTRUC = ^PUBLICKEYSTRUC;
- PUBLICKEYSTRUC = record
- bType :BYTE;
- bVersion :BYTE;
- reserved :Word;
- aiKeyAlg :ALG_ID;
- end;
-
- type
- BLOBHEADER = PUBLICKEYSTRUC;
- PBLOBHEADER = ^BLOBHEADER;
-
- type
- PRSAPUBKEY = ^RSAPUBKEY;
- RSAPUBKEY = record
- magic :DWORD; // Has to be RSA1
- bitlen :DWORD; // # of bits in modulus
- pubexp :DWORD; // public exponent
- // Modulus data follows
- end;
-
- type
- PPUBKEY = ^PUBKEY;
- PUBKEY = record
- magic :DWORD;
- bitlen :DWORD; // # of bits in modulus
- end;
-
- type
- DHPUBKEY = PUBKEY;
- DSSPUBKEY = PUBKEY;
- KEAPUBKEY = PUBKEY;
- TEKPUBKEY = PUBKEY;
-
-
- type
- PDSSSEED = ^DSSSEED;
- DSSSEED = record
- counter :DWORD;
- seed :array[0..20-1] of BYTE;
- end;
-
- type
- PKEY_TYPE_SUBTYPE = ^KEY_TYPE_SUBTYPE;
- KEY_TYPE_SUBTYPE = record
- dwKeySpec :DWORD;
- Type_ :TGUID; {conflict with base Delphi type: original name 'Type'}
- Subtype :TGUID;
- end;
-
- type
- HCRYPTPROV = ULONG; // provider handle; NOTE(review): current wincrypt.h declares the CryptoAPI handles as ULONG_PTR, so a 32-bit ULONG would truncate them in a 64-bit build - confirm the target before compiling for Win64
- PHCRYPTPROV = ^HCRYPTPROV;
- HCRYPTKEY = ULONG; // key handle; same width caveat as HCRYPTPROV
- PHCRYPTKEY = ^HCRYPTKEY;
- HCRYPTHASH = ULONG; // hash handle; same width caveat as HCRYPTPROV
- PHCRYPTHASH = ^HCRYPTHASH;
-
- function CryptAcquireContextA(phProv :PHCRYPTPROV; // receives the provider handle; release it with CryptReleaseContext
- pszContainer :PAnsiChar; // key container name; nil selects the default container and is required with CRYPT_VERIFYCONTEXT
- pszProvider :PAnsiChar; // provider name such as MS_DEF_PROV_A; nil selects the default provider for dwProvType
- dwProvType :DWORD; // one of the PROV_* constants
- dwFlags :DWORD) :BOOL;stdcall; // CRYPT_VERIFYCONTEXT, CRYPT_NEWKEYSET, CRYPT_DELETEKEYSET, CRYPT_MACHINE_KEYSET; a FALSE result leaves phProv^ unusable
-
- function CryptAcquireContext(phProv :PHCRYPTPROV;
- pszContainer :LPAWSTR;
- pszProvider :LPAWSTR;
- dwProvType :DWORD;
- dwFlags :DWORD) :BOOL;stdcall;
-
- function CryptAcquireContextW(phProv :PHCRYPTPROV;
- pszContainer :PWideChar;
- pszProvider :PWideChar;
- dwProvType :DWORD;
- dwFlags :DWORD) :BOOL ;stdcall;
-
-
- function CryptReleaseContext(hProv :HCRYPTPROV;
- dwFlags :DWORD) :BOOL;stdcall;
-
-
-
- function CryptGenKey(hProv :HCRYPTPROV;
- Algid :ALG_ID;
- dwFlags :DWORD;
- phKey :PHCRYPTKEY) :BOOL;stdcall ;
-
-
- function CryptDeriveKey(hProv :HCRYPTPROV; // provider handle
- Algid :ALG_ID; // CALG_* identifier of the key to derive
- hBaseData :HCRYPTHASH; // hash object already fed with the base data; NOTE(review): the derivation is a plain hash, not an iterated password KDF - low-entropy passwords stay guessable
- dwFlags :DWORD; // CryptGenKey-style flags; the upper 16 bits (KEY_LENGTH_MASK) carry the key length
- phKey :PHCRYPTKEY) :BOOL;stdcall ; // receives the key handle; release it with CryptDestroyKey
-
-
-
- function CryptDestroyKey(hKey :HCRYPTKEY) :BOOL;stdcall ;
-
-
- function CryptSetKeyParam(hKey :HCRYPTKEY;
- dwParam :DWORD;
- pbData :PBYTE;
- dwFlags :DWORD) :BOOL;stdcall;
-
-
- function CryptGetKeyParam(hKey :HCRYPTKEY;
- dwParam :DWORD;
- pbData :PBYTE;
- pdwDataLen :PDWORD;
- dwFlags :DWORD) :BOOL;stdcall;
-
-
- function CryptSetHashParam(hHash :HCRYPTHASH;
- dwParam :DWORD;
- pbData :PBYTE;
- dwFlags :DWORD) :BOOL;stdcall;
-
-
- function CryptGetHashParam(hHash :HCRYPTHASH;
- dwParam :DWORD;
- pbData :PBYTE;
- pdwDataLen :PDWORD;
- dwFlags :DWORD) :BOOL;stdcall;
-
-
- function CryptSetProvParam(hProv :HCRYPTPROV;
- dwParam :DWORD;
- pbData :PBYTE;
- dwFlags :DWORD) :BOOL;stdcall;
-
-
- function CryptGetProvParam(hProv :HCRYPTPROV;
- dwParam :DWORD;
- pbData :PBYTE;
- pdwDataLen :PDWORD;
- dwFlags :DWORD) :BOOL;stdcall;
-
-
- function CryptGenRandom(hProv :HCRYPTPROV; // provider handle from CryptAcquireContext
- dwLen :DWORD; // number of random bytes to write
- pbBuffer :PBYTE) :BOOL;stdcall; // caller-allocated buffer of at least dwLen bytes; check the BOOL result before using the bytes as key or nonce material
-
-
- function CryptGetUserKey(hProv :HCRYPTPROV;
- dwKeySpec :DWORD;
- phUserKey :PHCRYPTKEY) :BOOL;stdcall;
-
-
- function CryptExportKey(hKey :HCRYPTKEY; // key to export
- hExpKey :HCRYPTKEY; // key that encrypts the blob; with 0 the blob is not encrypted, which for PRIVATEKEYBLOB and PLAINTEXTKEYBLOB exposes the key itself
- dwBlobType :DWORD; // SIMPLEBLOB, PUBLICKEYBLOB, PRIVATEKEYBLOB or PLAINTEXTKEYBLOB
- dwFlags :DWORD; // CRYPT_Y_ONLY, CRYPT_SSL2_SLUMMING
- pbData :PBYTE; // output buffer; nil asks only for the required size
- pdwDataLen :PDWORD) :BOOL;stdcall; // in: size of pbData in bytes; out: bytes written or required
-
-
- function CryptImportKey(hProv :HCRYPTPROV;
- pbData :PBYTE;
- dwDataLen :DWORD;
- hPubKey :HCRYPTKEY;
- dwFlags :DWORD;
- phKey :PHCRYPTKEY) :BOOL;stdcall;
-
-
- function CryptEncrypt(hKey :HCRYPTKEY; // encryption key
- hHash :HCRYPTHASH; // optional hash object updated with the plaintext; 0 when not hashing
- Final :BOOL; // TRUE on the last chunk so the cipher can finish (padding for block ciphers)
- dwFlags :DWORD;
- pbData :PBYTE; // in-place buffer: plaintext in, ciphertext out; nil asks only for the required size
- pdwDataLen :PDWORD; // in: plaintext byte count; out: ciphertext byte count
- dwBufLen :DWORD) :BOOL;stdcall; // total size of pbData; block-cipher output can exceed the input by up to one block, so size the buffer from a length query rather than from the plaintext length
-
-
- function CryptDecrypt(hKey :HCRYPTKEY; // decryption key
- hHash :HCRYPTHASH; // optional hash object updated with the recovered plaintext; 0 when not hashing
- Final :BOOL; // TRUE on the last chunk so padding is checked and removed
- dwFlags :DWORD;
- pbData :PBYTE; // in-place buffer: ciphertext in, plaintext out
- pdwDataLen :PDWORD) :BOOL;stdcall; // in: ciphertext byte count; out: plaintext byte count; decryption alone does not authenticate the data, so verify a MAC or signature separately
-
-
- function CryptCreateHash(hProv :HCRYPTPROV;
- Algid :ALG_ID;
- hKey :HCRYPTKEY;
- dwFlags :DWORD;
- phHash :PHCRYPTHASH) :BOOL;stdcall;
-
-
- function CryptHashData(hHash :HCRYPTHASH;
- const pbData :PBYTE;
- dwDataLen :DWORD;
- dwFlags :DWORD) :BOOL;stdcall;
-
-
- function CryptHashSessionKey(hHash :HCRYPTHASH;
- hKey :HCRYPTKEY;
- dwFlags :DWORD) :BOOL;stdcall;
-
-
- function CryptDestroyHash(hHash :HCRYPTHASH) :BOOL;stdcall;
-
-
- function CryptSignHashA(hHash :HCRYPTHASH;
- dwKeySpec :DWORD;
- sDescription :PAnsiChar;
- dwFlags :DWORD;
- pbSignature :PBYTE;
- pdwSigLen :PDWORD) :BOOL;stdcall;
-
-
- function CryptSignHash(hHash :HCRYPTHASH;
- dwKeySpec :DWORD;
- sDescription :LPAWSTR;
- dwFlags :DWORD;
- pbSignature :PBYTE;
- pdwSigLen :PDWORD) :BOOL;stdcall;
-
- function CryptSignHashW(hHash :HCRYPTHASH;
- dwKeySpec :DWORD;
- sDescription :PWideChar;
- dwFlags :DWORD;
- pbSignature :PBYTE;
- pdwSigLen :PDWORD) :BOOL;stdcall;
-
- function CryptSignHashU(hHash :HCRYPTHASH;
- dwKeySpec :DWORD;
- sDescription :PWideChar;
- dwFlags :DWORD;
- pbSignature :PBYTE;
- pdwSigLen :PDWORD) :BOOL;stdcall;
-
- function CryptVerifySignatureA(hHash :HCRYPTHASH; // hash object already fed with the signed data
- const pbSignature :PBYTE; // signature bytes to check
- dwSigLen :DWORD; // byte count of pbSignature
- hPubKey :HCRYPTKEY; // public key of the claimed signer
- sDescription :PAnsiChar; // description string that was bound in at signing time; nil when none was used
- dwFlags :DWORD) :BOOL;stdcall; // FALSE covers both a bad signature and a call failure; accept the data only on TRUE
-
- function CryptVerifySignature(hHash :HCRYPTHASH;
- const pbSignature :PBYTE;
- dwSigLen :DWORD;
- hPubKey :HCRYPTKEY;
- sDescription :LPAWSTR;
- dwFlags :DWORD) :BOOL;stdcall;
-
-
- function CryptVerifySignatureW(hHash :HCRYPTHASH;
- const pbSignature :PBYTE;
- dwSigLen :DWORD;
- hPubKey :HCRYPTKEY;
- sDescription :PWideChar;
- dwFlags :DWORD) :BOOL;stdcall;
-
-
- function CryptSetProviderA(pszProvName :PAnsiChar;
- dwProvType :DWORD) :BOOL;stdcall;
-
- function CryptSetProvider(pszProvName :LPAWSTR;
- dwProvType :DWORD) :BOOL;stdcall;
-
- function CryptSetProviderW(pszProvName :PWideChar;
- dwProvType :DWORD) :BOOL;stdcall;
-
- function CryptSetProviderU(pszProvName :PWideChar;
- dwProvType :DWORD) :BOOL;stdcall;
-
- {$IFDEF NT5}
-
- function CryptSetProviderExA(pszProvName :LPCSTR;
- dwProvType :DWORD;
- pdwReserved :PDWORD;
- dwFlags :DWORD):BOOL;stdcall;
-
- function CryptSetProviderExW(pszProvName :LPCWSTR;
- dwProvType :DWORD;
- pdwReserved :PDWORD;
- dwFlags :DWORD):BOOL;stdcall;
-
- function CryptSetProviderEx(pszProvName :LPAWSTR;
- dwProvType :DWORD;
- pdwReserved :PDWORD;
- dwFlags :DWORD):BOOL;stdcall;
-
-
- function CryptGetDefaultProviderA(dwProvType :DWORD; // one of the PROV_* constants
- pdwReserved :DWORD; // NOTE(review): declared by value here, while the sibling NT5 prototypes use PDWORD for pdwReserved; the W and A/W-neutral variants of this function share the by-value declaration - confirm against wincrypt.h and pass 0
- dwFlags :DWORD; // CRYPT_MACHINE_DEFAULT or CRYPT_USER_DEFAULT
- pszProvName :LPSTR; // caller-allocated buffer that receives the provider name
- pcbProvName :PDWORD):BOOL ; stdcall; // in: size of pszProvName in bytes; out: bytes written or required
-
- function CryptGetDefaultProviderW(dwProvType :DWORD;
- pdwReserved :DWORD;
- dwFlags :DWORD;
- pszProvName :LPWSTR;
- pcbProvName :PDWORD):BOOL ; stdcall;
-
- function CryptGetDefaultProvider(dwProvType :DWORD;
- pdwReserved :DWORD;
- dwFlags :DWORD;
- pszProvName :LPAWSTR;
- pcbProvName :PDWORD):BOOL ; stdcall;
-
- function CryptEnumProviderTypesA(dwIndex :DWORD;
- pdwReserved :PDWORD;
- dwFlags :DWORD;
- pdwProvType :PDWORD;
- pszTypeName :LPSTR;
- pcbTypeName :PDWORD):BOOL ; stdcall;
-
- function CryptEnumProviderTypesW(dwIndex :DWORD;
- pdwReserved :PDWORD;
- dwFlags :DWORD;
- pdwProvType :PDWORD;
- pszTypeName :LPWSTR;
- pcbTypeName :PDWORD):BOOL ; stdcall;
-
- function CryptEnumProviderTypes(dwIndex :DWORD;
- pdwReserved :PDWORD;
- dwFlags :DWORD;
- pdwProvType :PDWORD;
- pszTypeName :LPAWSTR;
- pcbTypeName :PDWORD):BOOL ; stdcall;
-
- function CryptEnumProvidersA(dwIndex :DWORD;
- pdwReserved :PDWORD;
- dwFlags :DWORD;
- pdwProvType :PDWORD;
- pszProvName :LPSTR;
- pcbProvName :PDWORD):BOOL ; stdcall;
-
- function CryptEnumProvidersW(dwIndex :DWORD;
- pdwReserved :PDWORD;
- dwFlags :DWORD;
- pdwProvType :PDWORD;
- pszProvName :LPWSTR;
- pcbProvName :PDWORD):BOOL ; stdcall;
-
- function CryptEnumProviders(dwIndex :DWORD;
- pdwReserved :PDWORD;
- dwFlags :DWORD;
- pdwProvType :PDWORD;
- pszProvName :LPAWSTR;
- pcbProvName :PDWORD):BOOL ; stdcall;
-
- function CryptContextAddRef(hProv :HCRYPTPROV;
- pdwReserved :PDWORD;
- dwFlags :DWORD):BOOL ; stdcall;
-
- function CryptDuplicateKey(hKey :HCRYPTKEY;
- pdwReserved :PDWORD;
- dwFlags :DWORD;
- phKey :PHCRYPTKEY):BOOL ; stdcall;
-
- function CryptDuplicateHash(hHash :HCRYPTHASH;
- pdwReserved :PDWORD;
- dwFlags :DWORD;
- phHash :PHCRYPTHASH):BOOL ; stdcall;
-
- {$ENDIF NT5}
-
- function CryptEnumProvidersU(dwIndex :DWORD;
- pdwReserved :PDWORD;
- dwFlags :DWORD;
- pdwProvType :PDWORD;
- pszProvName :LPWSTR;
- pcbProvName :PDWORD):BOOL ; stdcall;
-
- //+-------------------------------------------------------------------------
- // CRYPTOAPI BLOB definitions
- //--------------------------------------------------------------------------
-
- type
- PCRYPTOAPI_BLOB = ^CRYPTOAPI_BLOB;
- CRYPTOAPI_BLOB = record
- cbData :DWORD;
- pbData :PBYTE;
- end;
-
- type
- CRYPT_INTEGER_BLOB = CRYPTOAPI_BLOB;
- PCRYPT_INTEGER_BLOB = ^CRYPT_INTEGER_BLOB;
- CRYPT_UINT_BLOB = CRYPTOAPI_BLOB;
- PCRYPT_UINT_BLOB = ^CRYPT_UINT_BLOB;
- CRYPT_OBJID_BLOB = CRYPTOAPI_BLOB;
- PCRYPT_OBJID_BLOB = ^CRYPT_OBJID_BLOB;
- CERT_NAME_BLOB = CRYPTOAPI_BLOB;
- PCERT_NAME_BLOB = ^CERT_NAME_BLOB;
- CERT_RDN_VALUE_BLOB = CRYPTOAPI_BLOB;
- PCERT_RDN_VALUE_BLOB = ^CERT_RDN_VALUE_BLOB;
- CERT_BLOB = CRYPTOAPI_BLOB;
- PCERT_BLOB = ^CERT_BLOB;
- CRL_BLOB = CRYPTOAPI_BLOB;
- PCRL_BLOB = ^CRL_BLOB;
- DATA_BLOB = CRYPTOAPI_BLOB;
- PDATA_BLOB = ^DATA_BLOB; // JEFFJEFF temporary (too generic)
- CRYPT_DATA_BLOB = CRYPTOAPI_BLOB;
- PCRYPT_DATA_BLOB = ^CRYPT_DATA_BLOB;
- CRYPT_HASH_BLOB = CRYPTOAPI_BLOB;
- PCRYPT_HASH_BLOB = ^CRYPT_HASH_BLOB;
- CRYPT_DIGEST_BLOB = CRYPTOAPI_BLOB;
- PCRYPT_DIGEST_BLOB = ^CRYPT_DIGEST_BLOB;
- CRYPT_DER_BLOB = CRYPTOAPI_BLOB;
- PCRYPT_DER_BLOB = ^CRYPT_DER_BLOB;
- CRYPT_ATTR_BLOB = CRYPTOAPI_BLOB;
- PCRYPT_ATTR_BLOB = ^CRYPT_ATTR_BLOB;
-
- //+-------------------------------------------------------------------------
- // In a CRYPT_BIT_BLOB the last byte may contain 0-7 unused bits. Therefore, the
- // overall bit length is cbData * 8 - cUnusedBits.
- //--------------------------------------------------------------------------
-
- type
- PCRYPT_BIT_BLOB = ^CRYPT_BIT_BLOB;
- CRYPT_BIT_BLOB = record
- cbData :DWORD;
- pbData :PBYTE;
- cUnusedBits :DWORD;
- end;
-
- //+-------------------------------------------------------------------------
- // Type used for any algorithm
- //
- // Where the Parameters CRYPT_OBJID_BLOB is in its encoded representation. For most
- // algorithm types, the Parameters CRYPT_OBJID_BLOB is NULL (Parameters.cbData = 0).
- //--------------------------------------------------------------------------
-
- type
- PCRYPT_ALGORITHM_IDENTIFIER = ^CRYPT_ALGORITHM_IDENTIFIER;
- CRYPT_ALGORITHM_IDENTIFIER = record
- pszObjId :LPSTR;
- Parameters :CRYPT_OBJID_BLOB;
- end;
-
- // Following are the definitions of various algorithm object identifiers
- // RSA
- const
- szOID_RSA = '1.2.840.113549';
- szOID_PKCS = '1.2.840.113549.1';
- szOID_RSA_HASH = '1.2.840.113549.2';
- szOID_RSA_ENCRYPT = '1.2.840.113549.3';
-
- szOID_PKCS_1 = '1.2.840.113549.1.1';
- szOID_PKCS_2 = '1.2.840.113549.1.2';
- szOID_PKCS_3 = '1.2.840.113549.1.3';
- szOID_PKCS_4 = '1.2.840.113549.1.4';
- szOID_PKCS_5 = '1.2.840.113549.1.5';
- szOID_PKCS_6 = '1.2.840.113549.1.6';
- szOID_PKCS_7 = '1.2.840.113549.1.7';
- szOID_PKCS_8 = '1.2.840.113549.1.8';
- szOID_PKCS_9 = '1.2.840.113549.1.9';
- szOID_PKCS_10 = '1.2.840.113549.1.10';
-
- szOID_RSA_RSA = '1.2.840.113549.1.1.1';
- szOID_RSA_MD2RSA = '1.2.840.113549.1.1.2';
- szOID_RSA_MD4RSA = '1.2.840.113549.1.1.3';
- szOID_RSA_MD5RSA = '1.2.840.113549.1.1.4';
- szOID_RSA_SHA1RSA = '1.2.840.113549.1.1.5';
- szOID_RSA_SETOAEP_RSA = '1.2.840.113549.1.1.6';
-
- szOID_RSA_data = '1.2.840.113549.1.7.1';
- szOID_RSA_signedData = '1.2.840.113549.1.7.2';
- szOID_RSA_envelopedData = '1.2.840.113549.1.7.3';
- szOID_RSA_signEnvData = '1.2.840.113549.1.7.4';
- szOID_RSA_digestedData = '1.2.840.113549.1.7.5';
- szOID_RSA_hashedData = '1.2.840.113549.1.7.5';
- szOID_RSA_encryptedData = '1.2.840.113549.1.7.6';
-
- szOID_RSA_emailAddr = '1.2.840.113549.1.9.1';
- szOID_RSA_unstructName = '1.2.840.113549.1.9.2';
- szOID_RSA_contentType = '1.2.840.113549.1.9.3';
- szOID_RSA_messageDigest = '1.2.840.113549.1.9.4';
- szOID_RSA_signingTime = '1.2.840.113549.1.9.5';
- szOID_RSA_counterSign = '1.2.840.113549.1.9.6';
- szOID_RSA_challengePwd = '1.2.840.113549.1.9.7';
- szOID_RSA_unstructAddr = '1.2.840.113549.1.9.8';
- szOID_RSA_extCertAttrs = '1.2.840.113549.1.9.9';
- szOID_RSA_SMIMECapabilities = '1.2.840.113549.1.9.15';
- szOID_RSA_preferSignedData = '1.2.840.113549.1.9.15.1';
-
- szOID_RSA_MD2 = '1.2.840.113549.2.2';
- szOID_RSA_MD4 = '1.2.840.113549.2.4';
- szOID_RSA_MD5 = '1.2.840.113549.2.5';
-
- szOID_RSA_RC2CBC = '1.2.840.113549.3.2';
- szOID_RSA_RC4 = '1.2.840.113549.3.4';
- szOID_RSA_DES_EDE3_CBC = '1.2.840.113549.3.7';
- szOID_RSA_RC5_CBCPad = '1.2.840.113549.3.9';
-
- // ITU-T UsefulDefinitions
- szOID_DS = '2.5';
- szOID_DSALG = '2.5.8';
- szOID_DSALG_CRPT = '2.5.8.1';
- szOID_DSALG_HASH = '2.5.8.2';
- szOID_DSALG_SIGN = '2.5.8.3';
- szOID_DSALG_RSA = '2.5.8.1.1';
-
- // NIST OSE Implementors' Workshop (OIW)
- // http://nemo.ncsl.nist.gov/oiw/agreements/stable/OSI/12s_9506.w51
- // http://nemo.ncsl.nist.gov/oiw/agreements/working/OSI/12w_9503.w51
- szOID_OIW = '1.3.14';
- // NIST OSE Implementors' Workshop (OIW) Security SIG algorithm identifiers
- // NOTE(review): most entries below name algorithms that are weak by current
- // standards (MD2/MD4/MD5, single DES in any mode, SHA and SHA-1 for
- // signatures). They are needed to parse old certificates and messages, but
- // a verifier should decide explicitly which of them it still accepts rather
- // than accepting every OID it can map to an algorithm.
- szOID_OIWSEC = '1.3.14.3.2';
- szOID_OIWSEC_md4RSA = '1.3.14.3.2.2';
- szOID_OIWSEC_md5RSA = '1.3.14.3.2.3';
- szOID_OIWSEC_md4RSA2 = '1.3.14.3.2.4';
- szOID_OIWSEC_desECB = '1.3.14.3.2.6';
- szOID_OIWSEC_desCBC = '1.3.14.3.2.7';
- szOID_OIWSEC_desOFB = '1.3.14.3.2.8';
- szOID_OIWSEC_desCFB = '1.3.14.3.2.9';
- szOID_OIWSEC_desMAC = '1.3.14.3.2.10';
- szOID_OIWSEC_rsaSign = '1.3.14.3.2.11';
- szOID_OIWSEC_dsa = '1.3.14.3.2.12';
- szOID_OIWSEC_shaDSA = '1.3.14.3.2.13';
- szOID_OIWSEC_mdc2RSA = '1.3.14.3.2.14';
- szOID_OIWSEC_shaRSA = '1.3.14.3.2.15';
- szOID_OIWSEC_dhCommMod = '1.3.14.3.2.16';
- szOID_OIWSEC_desEDE = '1.3.14.3.2.17';
- szOID_OIWSEC_sha = '1.3.14.3.2.18';
- szOID_OIWSEC_mdc2 = '1.3.14.3.2.19';
- szOID_OIWSEC_dsaComm = '1.3.14.3.2.20';
- szOID_OIWSEC_dsaCommSHA = '1.3.14.3.2.21';
- szOID_OIWSEC_rsaXchg = '1.3.14.3.2.22';
- szOID_OIWSEC_keyHashSeal = '1.3.14.3.2.23';
- szOID_OIWSEC_md2RSASign = '1.3.14.3.2.24';
- szOID_OIWSEC_md5RSASign = '1.3.14.3.2.25';
- // Distinct from szOID_OIWSEC_sha (.18) above; do not treat the two as aliases.
- szOID_OIWSEC_sha1 = '1.3.14.3.2.26';
- szOID_OIWSEC_dsaSHA1 = '1.3.14.3.2.27';
- szOID_OIWSEC_dsaCommSHA1 = '1.3.14.3.2.28';
- szOID_OIWSEC_sha1RSASign = '1.3.14.3.2.29';
- // NIST OSE Implementors' Workshop (OIW) Directory SIG algorithm identifiers
- // CRPT/HASH/SIGN are sub-arcs .1/.2/.3; md2 and md2RSA sit under HASH and SIGN.
- szOID_OIWDIR = '1.3.14.7.2';
- szOID_OIWDIR_CRPT = '1.3.14.7.2.1';
- szOID_OIWDIR_HASH = '1.3.14.7.2.2';
- szOID_OIWDIR_SIGN = '1.3.14.7.2.3';
- szOID_OIWDIR_md2 = '1.3.14.7.2.2.1';
- szOID_OIWDIR_md2RSA = '1.3.14.7.2.3.1';
-
-
- // INFOSEC Algorithms
- // joint-iso-ccitt(2) country(16) us(840) organization(1) us-government(101) dod(2) id-infosec(1)
- // Every algorithm OID below is szOID_INFOSEC followed by '.1.<n>', n = 1..21.
- // NOTE(review): these look like US-government suite identifiers (sdns,
- // mosaic, SuiteA); presumably no general-purpose provider implements them,
- // so a match should be handled as "recognised but unsupported" unless the
- // selected provider says otherwise — confirm against the provider in use.
- szOID_INFOSEC = '2.16.840.1.101.2.1';
- szOID_INFOSEC_sdnsSignature = '2.16.840.1.101.2.1.1.1';
- szOID_INFOSEC_mosaicSignature = '2.16.840.1.101.2.1.1.2';
- szOID_INFOSEC_sdnsConfidentiality = '2.16.840.1.101.2.1.1.3';
- szOID_INFOSEC_mosaicConfidentiality = '2.16.840.1.101.2.1.1.4';
- szOID_INFOSEC_sdnsIntegrity = '2.16.840.1.101.2.1.1.5';
- szOID_INFOSEC_mosaicIntegrity = '2.16.840.1.101.2.1.1.6';
- szOID_INFOSEC_sdnsTokenProtection = '2.16.840.1.101.2.1.1.7';
- szOID_INFOSEC_mosaicTokenProtection = '2.16.840.1.101.2.1.1.8';
- szOID_INFOSEC_sdnsKeyManagement = '2.16.840.1.101.2.1.1.9';
- szOID_INFOSEC_mosaicKeyManagement = '2.16.840.1.101.2.1.1.10';
- szOID_INFOSEC_sdnsKMandSig = '2.16.840.1.101.2.1.1.11';
- szOID_INFOSEC_mosaicKMandSig = '2.16.840.1.101.2.1.1.12';
- szOID_INFOSEC_SuiteASignature = '2.16.840.1.101.2.1.1.13';
- szOID_INFOSEC_SuiteAConfidentiality = '2.16.840.1.101.2.1.1.14';
- szOID_INFOSEC_SuiteAIntegrity = '2.16.840.1.101.2.1.1.15';
- szOID_INFOSEC_SuiteATokenProtection = '2.16.840.1.101.2.1.1.16';
- szOID_INFOSEC_SuiteAKeyManagement = '2.16.840.1.101.2.1.1.17';
- szOID_INFOSEC_SuiteAKMandSig = '2.16.840.1.101.2.1.1.18';
- szOID_INFOSEC_mosaicUpdatedSig = '2.16.840.1.101.2.1.1.19';
- szOID_INFOSEC_mosaicKMandUpdSig = '2.16.840.1.101.2.1.1.20';
- szOID_INFOSEC_mosaicUpdatedInteg = '2.16.840.1.101.2.1.1.21';
-
- type
- // One row of a table that pairs a numeric algorithm id with an OID string.
- // NOTE(review): presumably dwAlgId is an ALG_ID and pszObjId one of the
- // szOID_* strings above — confirm against the code that consumes the table.
- PCRYPT_OBJID_TABLE = ^CRYPT_OBJID_TABLE;
- CRYPT_OBJID_TABLE = record
- dwAlgId :DWORD; // numeric algorithm identifier
- pszObjId :LPCSTR; // pointer to the OID text; the record holds no copy of it
- end;
-
- //+-------------------------------------------------------------------------
- // PKCS #1 HashInfo (DigestInfo)
- //--------------------------------------------------------------------------
-
- type
- // PKCS #1 DigestInfo: the digest algorithm identifier and the digest bytes.
- // When checking a decoded value, compare HashAlgorithm against the algorithm
- // the caller expects as well as comparing the full Hash contents and length;
- // the algorithm named inside the structure is attacker-influenced input.
- PCRYPT_HASH_INFO = ^CRYPT_HASH_INFO;
- CRYPT_HASH_INFO = record
- HashAlgorithm :CRYPT_ALGORITHM_IDENTIFIER; // which digest produced Hash
- Hash :CRYPT_HASH_BLOB; // the digest value
- end;
-
- //+-------------------------------------------------------------------------
- // Type used for an extension to an encoded content
- //
- // Where the Value's CRYPT_OBJID_BLOB is in its encoded representation.
- //--------------------------------------------------------------------------
-
- type
- // One extension: its OID, the critical flag and the still-encoded value.
- // Value must be decoded (for example with CryptDecodeObject) before its
- // content is used.
- PCERT_EXTENSION = ^CERT_EXTENSION;
- CERT_EXTENSION = record
- pszObjId :LPSTR; // OID string identifying the extension
- // A validator that does not understand a critical extension is expected to
- // reject the certificate (X.509 rule); this record only carries the flag.
- fCritical :BOOL;
- Value :CRYPT_OBJID_BLOB; // encoded extension value
- end;
-
- //+-------------------------------------------------------------------------
- // AttributeTypeValue
- //
- // Where the Value's CRYPT_OBJID_BLOB is in its encoded representation.
- //--------------------------------------------------------------------------
-
- type
- // A single attribute: type OID plus one value kept in encoded form.
- PCRYPT_ATTRIBUTE_TYPE_VALUE =^CRYPT_ATTRIBUTE_TYPE_VALUE;
- CRYPT_ATTRIBUTE_TYPE_VALUE = record
- pszObjId :LPSTR; // OID string of the attribute type
- Value :CRYPT_OBJID_BLOB; // encoded value; decode before interpreting
- end;
-
- //+-------------------------------------------------------------------------
- // Attributes
- //
- // Where the Value's PATTR_BLOBs are in their encoded representation.
- //--------------------------------------------------------------------------
-
- type
- // An attribute with one OID and an array of encoded values.
- PCRYPT_ATTRIBUTE = ^CRYPT_ATTRIBUTE;
- CRYPT_ATTRIBUTE = record
- pszObjId :LPSTR; // OID string of the attribute type
- cValue :DWORD; // number of elements reachable through rgValue
- // Pointer to the first value. It is a bare pointer, not a Pascal array:
- // nothing bounds-checks an index, so iterate 0..cValue-1 only and treat
- // cValue = 0 as "no values" rather than dereferencing rgValue.
- rgValue :PCRYPT_ATTR_BLOB;
- end;
-
- type
- // A counted list of CRYPT_ATTRIBUTE records. Both fields are marked {IN}
- // by the original author, i.e. supplied by the caller.
- PCRYPT_ATTRIBUTES =^CRYPT_ATTRIBUTES;
- CRYPT_ATTRIBUTES = record
- cAttr :DWORD; {IN} // number of elements reachable through rgAttr
- rgAttr :PCRYPT_ATTRIBUTE; {IN} // pointer to the first attribute; not bounds-checked
- end;
-
- //+-------------------------------------------------------------------------
- // Attributes making up a Relative Distinguished Name (CERT_RDN)
- //
- // The interpretation of the Value depends on the dwValueType.
- // See below for a list of the types.
- //--------------------------------------------------------------------------
-
- type
- // One attribute of a Relative Distinguished Name.
- PCERT_RDN_ATTR = ^CERT_RDN_ATTR;
- CERT_RDN_ATTR = record
- pszObjId :LPSTR; // attribute type OID, e.g. one of the szOID_* RDN constants
- dwValueType :DWORD; // one of the CERT_RDN_* value types; selects how Value is read
- // Raw value. Check dwValueType before reading it as text: the element
- // width differs per type, and Value.cbData counts bytes, not characters.
- Value :CERT_RDN_VALUE_BLOB;
- end;
-
- //+-------------------------------------------------------------------------
- // CERT_RDN attribute Object Identifiers
- //--------------------------------------------------------------------------
- // Labeling attribute types:
- const
- // X.520 attribute type OIDs (arc 2.5.4) used in certificate names.
- // The trailing comments give the string syntax each attribute is expected
- // to carry. Nothing in this unit enforces that syntax: values arrive from
- // certificates and must be checked via CERT_RDN_ATTR.dwValueType and
- // Value.cbData before they are displayed, compared or logged.
- szOID_COMMON_NAME = '2.5.4.3'; // case-ignore string
- szOID_SUR_NAME = '2.5.4.4'; // case-ignore string
- szOID_DEVICE_SERIAL_NUMBER = '2.5.4.5'; // printable string
-
- // Geographic attribute types:
- szOID_COUNTRY_NAME = '2.5.4.6'; // printable 2char string
- szOID_LOCALITY_NAME = '2.5.4.7'; // case-ignore string
- szOID_STATE_OR_PROVINCE_NAME = '2.5.4.8'; // case-ignore string
- szOID_STREET_ADDRESS = '2.5.4.9'; // case-ignore string
-
- // Organizational attribute types:
- szOID_ORGANIZATION_NAME = '2.5.4.10';// case-ignore string
- szOID_ORGANIZATIONAL_UNIT_NAME = '2.5.4.11'; // case-ignore string
- szOID_TITLE = '2.5.4.12'; // case-ignore string
-
- // Explanatory attribute types:
- szOID_DESCRIPTION = '2.5.4.13'; // case-ignore string
- szOID_SEARCH_GUIDE = '2.5.4.14';
- szOID_BUSINESS_CATEGORY = '2.5.4.15'; // case-ignore string
-
- // Postal addressing attribute types:
- szOID_POSTAL_ADDRESS = '2.5.4.16';
- szOID_POSTAL_CODE = '2.5.4.17'; // case-ignore string
- szOID_POST_OFFICE_BOX = '2.5.4.18'; // case-ignore string
- szOID_PHYSICAL_DELIVERY_OFFICE_NAME = '2.5.4.19'; // case-ignore string
-
- // Telecommunications addressing attribute types:
- szOID_TELEPHONE_NUMBER = '2.5.4.20'; // telephone number
- szOID_TELEX_NUMBER = '2.5.4.21';
- szOID_TELETEXT_TERMINAL_IDENTIFIER = '2.5.4.22';
- szOID_FACSIMILE_TELEPHONE_NUMBER = '2.5.4.23';
- szOID_X21_ADDRESS = '2.5.4.24'; // numeric string
- szOID_INTERNATIONAL_ISDN_NUMBER = '2.5.4.25'; // numeric string
- szOID_REGISTERED_ADDRESS = '2.5.4.26';
- szOID_DESTINATION_INDICATOR = '2.5.4.27'; // printable string
-
- // Preference attribute types:
- szOID_PREFERRED_DELIVERY_METHOD = '2.5.4.28';
-
- // OSI application attribute types:
- szOID_PRESENTATION_ADDRESS = '2.5.4.29';
- szOID_SUPPORTED_APPLICATION_CONTEXT = '2.5.4.30';
-
- // Relational application attribute types:
- szOID_MEMBER = '2.5.4.31';
- szOID_OWNER = '2.5.4.32';
- szOID_ROLE_OCCUPANT = '2.5.4.33';
- szOID_SEE_ALSO = '2.5.4.34';
-
- // Security attribute types:
- // szOID_USER_PASSWORD names a directory attribute that holds a credential;
- // a value found under this OID should not be logged or displayed.
- szOID_USER_PASSWORD = '2.5.4.35';
- szOID_USER_CERTIFICATE = '2.5.4.36';
- szOID_CA_CERTIFICATE = '2.5.4.37';
- szOID_AUTHORITY_REVOCATION_LIST = '2.5.4.38';
- szOID_CERTIFICATE_REVOCATION_LIST = '2.5.4.39';
- szOID_CROSS_CERTIFICATE_PAIR = '2.5.4.40';
-
- // Undocumented attribute types???
- // NOTE(review): 2.5.4.41 appears to be the X.520 'name' attribute — confirm
- // before defining a constant; it is deliberately left undefined here.
- //#define szOID_??? '2.5.4.41'
- szOID_GIVEN_NAME = '2.5.4.42'; // case-ignore string
- szOID_INITIALS = '2.5.4.43'; // case-ignore string
-
- // Pilot user attribute types:
- szOID_DOMAIN_COMPONENT = '0.9.2342.19200300.100.1.25'; // IA5 string
-
- //+-------------------------------------------------------------------------
- // CERT_RDN Attribute Value Types
- //
- // For RDN_ENCODED_BLOB, the Value's CERT_RDN_VALUE_BLOB is in its encoded
- // representation. Otherwise, it's an array of bytes.
- //
- // For all CERT_RDN types, Value.cbData is always the number of bytes, not
- // necessarily the number of elements in the string. For instance,
- // RDN_UNIVERSAL_STRING is an array of ints (cbData == intCnt * 4) and
- // RDN_BMP_STRING is an array of unsigned shorts (cbData == ushortCnt * 2).
- //
- // For CertDecodeName, two 0 bytes are always appended to the end of the
- // string (ensures a CHAR or WCHAR string is null terminated).
- // These added 0 bytes aren't included in the BLOB.cbData.
- //--------------------------------------------------------------------------
-
- const
- // Values for CERT_RDN_ATTR.dwValueType / CERT_NAME_VALUE.dwValueType.
- // Several names share one value (5, 9, 11 and 12), so a case statement
- // may list only one name per value. Types 11 and 12 use 4-byte and 2-byte
- // elements respectively (see the comment above), so never scan such a
- // value as a single-byte, NUL-terminated string.
- CERT_RDN_ANY_TYPE = 0;
- CERT_RDN_ENCODED_BLOB = 1; // Value is still in encoded form
- CERT_RDN_OCTET_STRING = 2; // raw bytes, not text
- CERT_RDN_NUMERIC_STRING = 3;
- CERT_RDN_PRINTABLE_STRING = 4;
- CERT_RDN_TELETEX_STRING = 5;
- CERT_RDN_T61_STRING = 5; // same value as CERT_RDN_TELETEX_STRING
- CERT_RDN_VIDEOTEX_STRING = 6;
- CERT_RDN_IA5_STRING = 7;
- CERT_RDN_GRAPHIC_STRING = 8;
- CERT_RDN_VISIBLE_STRING = 9;
- CERT_RDN_ISO646_STRING = 9; // same value as CERT_RDN_VISIBLE_STRING
- CERT_RDN_GENERAL_STRING = 10;
- CERT_RDN_UNIVERSAL_STRING = 11; // 4 bytes per element
- CERT_RDN_INT4_STRING = 11; // same value as CERT_RDN_UNIVERSAL_STRING
- CERT_RDN_BMP_STRING = 12; // 2 bytes per element
- CERT_RDN_UNICODE_STRING = 12; // same value as CERT_RDN_BMP_STRING
-
-
- // Macro to check that the dwValueType is a character string and not an
- // encoded blob or octet string.
- // X is a CERT_RDN_* value type. Only the declaration is visible here; the
- // body lives in the implementation section.
- // NOTE(review): presumably implemented as X >= CERT_RDN_NUMERIC_STRING, as in
- // the C header — confirm. A True result says the value is text of some
- // element width, not that it is a single-byte string.
- function IS_CERT_RDN_CHAR_STRING(X :DWORD) :BOOL;
-
- //+-------------------------------------------------------------------------
- // A CERT_RDN consists of an array of the above attributes
- //--------------------------------------------------------------------------
-
- type
- // One Relative Distinguished Name: a counted array of CERT_RDN_ATTR.
- PCERT_RDN = ^CERT_RDN;
- CERT_RDN = record
- cRDNAttr :DWORD; // number of attributes reachable through rgRDNAttr
- rgRDNAttr :PCERT_RDN_ATTR; // pointer to the first attribute; index 0..cRDNAttr-1 only
- end;
-
- //+-------------------------------------------------------------------------
- // Information stored in a subject's or issuer's name. The information
- // is represented as an array of the above RDNs.
- //--------------------------------------------------------------------------
-
- type
- // A decoded subject or issuer name: a counted array of CERT_RDN.
- PCERT_NAME_INFO = ^CERT_NAME_INFO;
- CERT_NAME_INFO = record
- cRDN :DWORD; // number of RDNs reachable through rgRDN
- rgRDN :PCERT_RDN; // pointer to the first RDN; index 0..cRDN-1 only
- end;
-
- //+-------------------------------------------------------------------------
- // Name attribute value without the Object Identifier
- //
- // The interpretation of the Value depends on the dwValueType.
- // See above for a list of the types.
- //--------------------------------------------------------------------------
-
- type
- // A name attribute value without its OID.
- PCERT_NAME_VALUE = ^CERT_NAME_VALUE;
- CERT_NAME_VALUE = record
- dwValueType :DWORD; // one of the CERT_RDN_* value types
- Value :CERT_RDN_VALUE_BLOB; // interpret only after checking dwValueType
- end;
-
- //+-------------------------------------------------------------------------
- // Public Key Info
- //
- // The PublicKey is the encoded representation of the information as it is
- // stored in the bit string
- //--------------------------------------------------------------------------
-
- type
- // SubjectPublicKeyInfo: the key's algorithm identifier and the key itself,
- // kept as the encoded bit string.
- PCERT_PUBLIC_KEY_INFO = ^CERT_PUBLIC_KEY_INFO;
- CERT_PUBLIC_KEY_INFO = record
- Algorithm :CRYPT_ALGORITHM_IDENTIFIER; // key algorithm
- // Encoded key material. Key size and parameters are not visible at this
- // level; a policy on minimum key strength has to decode the key first.
- PublicKey :CRYPT_BIT_BLOB;
- end;
-
- const
- // All three names are aliases of szOID_RSA_RSA: RSA is the default public
- // key algorithm for both signing and key exchange.
- CERT_RSA_PUBLIC_KEY_OBJID = szOID_RSA_RSA;
- CERT_DEFAULT_OID_PUBLIC_KEY_SIGN = szOID_RSA_RSA;
- CERT_DEFAULT_OID_PUBLIC_KEY_XCHG = szOID_RSA_RSA;
-
- //+-------------------------------------------------------------------------
- // Information stored in a certificate
- //
- // The Issuer, Subject, Algorithm, PublicKey and Extension BLOBs are the
- // encoded representation of the information.
- //--------------------------------------------------------------------------
-
- type
- // The decoded "to be signed" part of a certificate.
- // This record is parsed data only. Holding a CERT_INFO says nothing about
- // whether the signature, the validity period, revocation status or the
- // chain have been checked; those are separate steps for the caller.
- PCERT_INFO = ^CERT_INFO;
- CERT_INFO = record
- dwVersion :DWORD; // CERT_V1..CERT_V3, i.e. the version number minus one
- SerialNumber :CRYPT_INTEGER_BLOB;
- SignatureAlgorithm :CRYPT_ALGORITHM_IDENTIFIER; // algorithm named inside the signed content
- Issuer :CERT_NAME_BLOB; // encoded name
- NotBefore :TFILETIME; // start of the validity period
- NotAfter :TFILETIME; // end of the validity period
- Subject :CERT_NAME_BLOB; // encoded name
- SubjectPublicKeyInfo :CERT_PUBLIC_KEY_INFO;
- IssuerUniqueId :CRYPT_BIT_BLOB;
- SubjectUniqueId :CRYPT_BIT_BLOB;
- cExtension :DWORD; // number of extensions reachable through rgExtension
- rgExtension :PCERT_EXTENSION; // pointer to the first extension; index 0..cExtension-1 only
- end;
-
- //+-------------------------------------------------------------------------
- // Certificate versions
- //--------------------------------------------------------------------------
- const
- // Values of CERT_INFO.dwVersion. They are zero-based: a version 3
- // certificate has dwVersion = CERT_V3 = 2, so compare against these names
- // and never against the literal version number.
- CERT_V1 = 0;
- CERT_V2 = 1;
- CERT_V3 = 2;
-
- //+-------------------------------------------------------------------------
- // Certificate Information Flags
- //
- // Despite the _FLAG suffix these are consecutive ordinals (1..11), one per
- // CERT_INFO field in declaration order, not bit masks: 3 equals 1 or 2, so
- // combining them with "or" does not select several fields.
- //--------------------------------------------------------------------------
-
- CERT_INFO_VERSION_FLAG = 1;
- CERT_INFO_SERIAL_NUMBER_FLAG = 2;
- CERT_INFO_SIGNATURE_ALGORITHM_FLAG = 3;
- CERT_INFO_ISSUER_FLAG = 4;
- CERT_INFO_NOT_BEFORE_FLAG = 5;
- CERT_INFO_NOT_AFTER_FLAG = 6;
- CERT_INFO_SUBJECT_FLAG = 7;
- CERT_INFO_SUBJECT_PUBLIC_KEY_INFO_FLAG = 8;
- CERT_INFO_ISSUER_UNIQUE_ID_FLAG = 9;
- CERT_INFO_SUBJECT_UNIQUE_ID_FLAG = 10;
- CERT_INFO_EXTENSION_FLAG = 11;
-
- //+-------------------------------------------------------------------------
- // An entry in a CRL
- //
- // The Extension BLOBs are the encoded representation of the information.
- //--------------------------------------------------------------------------
-
- type
- // One revoked certificate as listed in a CRL.
- PCRL_ENTRY = ^CRL_ENTRY;
- CRL_ENTRY = record
- SerialNumber :CRYPT_INTEGER_BLOB; // serial number of the revoked certificate
- RevocationDate :TFILETIME;
- cExtension :DWORD; // number of extensions reachable through rgExtension
- rgExtension :PCERT_EXTENSION; // encoded entry extensions; index 0..cExtension-1 only
- end;
-
- //+-------------------------------------------------------------------------
- // Information stored in a CRL
- //
- // The Issuer, Algorithm and Extension BLOBs are the encoded
- // representation of the information.
- //--------------------------------------------------------------------------
-
- type
- // The decoded "to be signed" part of a CRL.
- // As with CERT_INFO this is parsed data only: the CRL signature and its
- // freshness (ThisUpdate / NextUpdate) still have to be checked before the
- // entry list is relied on for a revocation decision.
- PCRL_INFO = ^CRL_INFO;
- CRL_INFO = record
- dwVersion :DWORD; // CRL_V1 or CRL_V2 (zero-based)
- SignatureAlgorithm :CRYPT_ALGORITHM_IDENTIFIER;
- Issuer :CERT_NAME_BLOB; // encoded name
- ThisUpdate :TFILETIME;
- NextUpdate :TFILETIME;
- cCRLEntry :DWORD; // number of entries reachable through rgCRLEntry
- rgCRLEntry :PCRL_ENTRY; // pointer to the first entry; index 0..cCRLEntry-1 only
- cExtension :DWORD; // number of extensions reachable through rgExtension
- rgExtension :PCERT_EXTENSION; // encoded CRL extensions
- end;
-
- //+-------------------------------------------------------------------------
- // CRL versions
- //--------------------------------------------------------------------------
- const
- // Values of CRL_INFO.dwVersion; zero-based, so version 2 is CRL_V2 = 1.
- CRL_V1 = 0;
- CRL_V2 = 1;
-
- //+-------------------------------------------------------------------------
- // Information stored in a certificate request
- //
- // The Subject, Algorithm, PublicKey and Attribute BLOBs are the encoded
- // representation of the information.
- //--------------------------------------------------------------------------
-
- type
- // The decoded "to be signed" part of a certificate request.
- // Every field is supplied by the requester; an issuer should treat Subject
- // and the attributes as claims to be validated, not as facts.
- PCERT_REQUEST_INFO = ^CERT_REQUEST_INFO;
- CERT_REQUEST_INFO = record
- dwVersion :DWORD; // CERT_REQUEST_V1
- Subject :CERT_NAME_BLOB; // encoded name
- SubjectPublicKeyInfo :CERT_PUBLIC_KEY_INFO;
- cAttribute :DWORD; // number of attributes reachable through rgAttribute
- rgAttribute :PCRYPT_ATTRIBUTE; // pointer to the first attribute; index 0..cAttribute-1 only
- end;
-
- //+-------------------------------------------------------------------------
- // Certificate Request versions
- //--------------------------------------------------------------------------
- // The only CERT_REQUEST_INFO.dwVersion value defined here (zero-based).
- const CERT_REQUEST_V1 = 0;
-
- //+-------------------------------------------------------------------------
- // Information stored in Netscape's Keygen request
- //--------------------------------------------------------------------------
- type
- // The decoded "to be signed" part of a Netscape keygen request.
- PCERT_KEYGEN_REQUEST_INFO = ^CERT_KEYGEN_REQUEST_INFO;
- CERT_KEYGEN_REQUEST_INFO = record
- dwVersion :DWORD; // CERT_KEYGEN_REQUEST_V1
- SubjectPublicKeyInfo :CERT_PUBLIC_KEY_INFO;
- // Held as a wide string in memory although the encoded form is IA5; it is
- // requester-supplied text and should be validated before use.
- pwszChallengeString :LPWSTR; // encoded as IA5
- end;
-
- const
- // The only CERT_KEYGEN_REQUEST_INFO.dwVersion value defined here.
- CERT_KEYGEN_REQUEST_V1 = 0;
-
-
- //+-------------------------------------------------------------------------
- // Certificate, CRL, Certificate Request or Keygen Request Signed Content
- //
- // The "to be signed" encoded content plus its signature. The ToBeSigned
- // is the encoded CERT_INFO, CRL_INFO, CERT_REQUEST_INFO or
- // CERT_KEYGEN_REQUEST_INFO.
- //--------------------------------------------------------------------------
- type
- // Outer wrapper of a signed certificate, CRL or request: the encoded
- // content, the algorithm used to sign it and the signature.
- // The signature covers the ToBeSigned bytes exactly as stored, so verify
- // over that blob and not over a re-encoding of the decoded structure.
- PCERT_SIGNED_CONTENT_INFO = ^CERT_SIGNED_CONTENT_INFO;
- CERT_SIGNED_CONTENT_INFO = record
- ToBeSigned :CRYPT_DER_BLOB; // encoded CERT_INFO, CRL_INFO, CERT_REQUEST_INFO or CERT_KEYGEN_REQUEST_INFO
- // This identifier sits outside the signed content. For certificates and
- // CRLs a verifier should also check that it matches the SignatureAlgorithm
- // inside the decoded ToBeSigned structure.
- SignatureAlgorithm :CRYPT_ALGORITHM_IDENTIFIER;
- Signature :CRYPT_BIT_BLOB;
- end;
-
- //+-------------------------------------------------------------------------
- // Certificate Trust List (CTL)
- //--------------------------------------------------------------------------
-
- //+-------------------------------------------------------------------------
- // CTL Usage. Also used for EnhancedKeyUsage extension.
- //--------------------------------------------------------------------------
-
- type
- // A counted array of usage OID strings; also the representation of the
- // EnhancedKeyUsage extension (see CERT_ENHKEY_USAGE).
- PCTL_USAGE =^CTL_USAGE;
- CTL_USAGE = record
- cUsageIdentifier :DWORD; // number of strings reachable through rgpszUsageIdentifier
- rgpszUsageIdentifier :PLPSTR; // array of pszObjId
- end;
-
- type
- // Alias of CTL_USAGE under the name used for the EnhancedKeyUsage extension;
- // the layout is identical.
- CERT_ENHKEY_USAGE = CTL_USAGE;
- PCERT_ENHKEY_USAGE = ^CERT_ENHKEY_USAGE;
-
-
- //+-------------------------------------------------------------------------
- // An entry in a CTL
- //--------------------------------------------------------------------------
- type
- // One subject listed in a Certificate Trust List.
- PCTL_ENTRY = ^CTL_ENTRY;
- CTL_ENTRY = record
- SubjectIdentifier :CRYPT_DATA_BLOB; // For example, its hash
- cAttribute :DWORD; // number of attributes reachable through rgAttribute
- // Marked optional by the original author, so presumably it may be nil when
- // cAttribute is 0; check the count before dereferencing.
- rgAttribute :PCRYPT_ATTRIBUTE; // OPTIONAL
- end;
-
- //+-------------------------------------------------------------------------
- // Information stored in a CTL
- //--------------------------------------------------------------------------
- type
- // The decoded content of a Certificate Trust List.
- // A CTL expresses trust decisions, so its signature and its ThisUpdate /
- // NextUpdate window should be verified before any entry is honoured.
- // Fields marked OPTIONAL may be absent; check the matching count or blob
- // size before following a pointer.
- PCTL_INFO = ^CTL_INFO;
- CTL_INFO = record
- dwVersion :DWORD; // CTL_V1
- SubjectUsage :CTL_USAGE; // usages the list applies to
- ListIdentifier :CRYPT_DATA_BLOB; // OPTIONAL
- SequenceNumber :CRYPT_INTEGER_BLOB; // OPTIONAL
- ThisUpdate :TFILETIME;
- NextUpdate :TFILETIME; // OPTIONAL
- SubjectAlgorithm :CRYPT_ALGORITHM_IDENTIFIER;
- cCTLEntry :DWORD; // number of entries reachable through rgCTLEntry
- rgCTLEntry :PCTL_ENTRY; // OPTIONAL
- cExtension :DWORD; // number of extensions reachable through rgExtension
- rgExtension :PCERT_EXTENSION; // OPTIONAL
- end;
-
- //+-------------------------------------------------------------------------
- // CTL versions
- //--------------------------------------------------------------------------
- const
- // The only CTL_INFO.dwVersion value defined here (zero-based).
- CTL_V1 = 0;
-
- //+-------------------------------------------------------------------------
- // TimeStamp Request
- //
- // The pszTimeStampAlgorithm is the OID for the Time type requested
- // The pszContentType is the Content Type OID for the content, usually DATA
- // The Content is an un-decoded blob
- //--------------------------------------------------------------------------
-
- type
- // A time stamp request: which time stamp type is wanted, the content type
- // and the content itself, plus optional attributes.
- PCRYPT_TIME_STAMP_REQUEST_INFO = ^CRYPT_TIME_STAMP_REQUEST_INFO;
- CRYPT_TIME_STAMP_REQUEST_INFO = record
- pszTimeStampAlgorithm :LPSTR; // pszObjId
- pszContentType :LPSTR; // pszObjId
- Content :CRYPT_OBJID_BLOB; // still encoded; not interpreted at this level
- cAttribute :DWORD; // number of attributes reachable through rgAttribute
- rgAttribute :PCRYPT_ATTRIBUTE; // pointer to the first attribute; index 0..cAttribute-1 only
- end;
-
- //+-------------------------------------------------------------------------
- // Certificate and Message encoding types
- //
- // The encoding type is a DWORD containing both the certificate and message
- // encoding types. The certificate encoding type is stored in the LOWORD.
- // The message encoding type is stored in the HIWORD. Some functions or
- // structure fields require only one of the encoding types. The following
- // naming convention is used to indicate which encoding type(s) are
- // required:
- // dwEncodingType (both encoding types are required)
- // dwMsgAndCertEncodingType (both encoding types are required)
- // dwMsgEncodingType (only msg encoding type is required)
- // dwCertEncodingType (only cert encoding type is required)
- //
- // It's always acceptable to specify both.
- //--------------------------------------------------------------------------
-
- const
- // Masks that split a combined encoding-type DWORD: the low word holds the
- // certificate encoding type, the high word the message encoding type.
- CERT_ENCODING_TYPE_MASK = $0000FFFF;
- CMSG_ENCODING_TYPE_MASK = $FFFF0000;
-
- // Pascal replacements for the two C macros quoted below; only the
- // declarations are visible here.
- //#define GET_CERT_ENCODING_TYPE(X) (X & CERT_ENCODING_TYPE_MASK)
- //#define GET_CMSG_ENCODING_TYPE(X) (X & CMSG_ENCODING_TYPE_MASK)
- // Per the macros, the result is X masked in place: GET_CMSG_ENCODING_TYPE
- // leaves the value in the high word (it is not shifted down), so compare it
- // with PKCS_7_ASN_ENCODING-style constants, not with X509_* ones.
- function GET_CERT_ENCODING_TYPE(X :DWORD):DWORD;
- function GET_CMSG_ENCODING_TYPE(X :DWORD):DWORD;
-
- const
- // Encoding type values. CRYPT_* and X509_* are the same numbers and occupy
- // the low word (certificate encoding); PKCS_7_* are the same two values
- // shifted into the high word (message encoding). A combined dwEncodingType
- // is formed with "or", e.g. X509_ASN_ENCODING or PKCS_7_ASN_ENCODING.
- CRYPT_ASN_ENCODING = $00000001;
- CRYPT_NDR_ENCODING = $00000002;
- X509_ASN_ENCODING = $00000001;
- X509_NDR_ENCODING = $00000002;
- PKCS_7_ASN_ENCODING = $00010000;
- PKCS_7_NDR_ENCODING = $00020000;
-
- //+-------------------------------------------------------------------------
- // format the specified data structure according to the certificate
- // encoding type.
- //
- //--------------------------------------------------------------------------
-
- // Declaration of the Win32 CryptFormatObject entry point (stdcall); the
- // external binding is outside this view.
- // pbEncoded / cbEncoded: the encoded input and its length in bytes.
- // pbFormat / pcbFormat: output buffer and a pointer to its size.
- // NOTE(review): presumably follows the usual CryptoAPI sizing convention
- // (pcbFormat carries the buffer size in and the required or written size
- // out) — confirm against the Win32 documentation.
- // Returns a BOOL; a False result means the output buffer must not be used.
- function CryptFormatObject(dwCertEncodingType :DWORD;
- dwFormatType :DWORD;
- dwFormatStrType :DWORD;
- pFormatStruct :PVOID;
- lpszStructType :LPCSTR;
- const pbEncoded :PBYTE;
- cbEncoded :DWORD;
- pbFormat :PVOID;
- pcbFormat :PDWORD):BOOL ; stdcall;
-
- //+-------------------------------------------------------------------------
- // Encode / decode the specified data structure according to the certificate
- // encoding type.
- //
- // See below for a list of the predefined data structures.
- //--------------------------------------------------------------------------
-
- // Declaration of the Win32 CryptEncodeObject entry point (stdcall); the
- // external binding is outside this view.
- // lpszStructType: an OID string or one of the predefined X509_* LPCSTR
- // constants; it selects how pvStructInfo is interpreted, so it must match
- // the record actually passed (the pointer is untyped).
- // pbEncoded / pcbEncoded: output buffer and a pointer to its size in bytes.
- // NOTE(review): per the Win32 documentation pcbEncoded is in/out (buffer
- // size in, bytes written or required out) — confirm, and always pass the
- // real buffer size.
- // Returns a BOOL; check it before using pbEncoded.
- function CryptEncodeObject(dwCertEncodingType :DWORD;
- lpszStructType :LPCSTR;
- const pvStructInfo :PVOID;
- pbEncoded :PBYTE;
- pcbEncoded :PDWORD ):BOOL ; stdcall;
-
- // Declaration of the Win32 CryptDecodeObject entry point (stdcall); the
- // external binding is outside this view.
- // pbEncoded / cbEncoded: the encoded input, which is usually untrusted
- // (a certificate, CRL or message from outside). cbEncoded must be the
- // true length of the buffer, not a length taken from the data itself.
- // dwFlags: e.g. CRYPT_DECODE_NOCOPY_FLAG; with that flag the decoded
- // structure points into pbEncoded, so both must stay alive together.
- // pvStructInfo / pcbStructInfo: output buffer and a pointer to its size.
- // The buffer is untyped; lpszStructType decides which record is written,
- // so the caller's cast must match it.
- // NOTE(review): per the Win32 documentation pcbStructInfo is in/out (buffer
- // size in, bytes written or required out) — confirm.
- // Returns a BOOL; on False the contents of pvStructInfo must not be used.
- function CryptDecodeObject(dwCertEncodingType :DWORD;
- lpszStructType :LPCSTR;
- const pbEncoded :PBYTE;
- cbEncoded :DWORD;
- dwFlags :DWORD;
- pvStructInfo :PVOID;
- pcbStructInfo :PDWORD):BOOL ; stdcall;
-
- // When the following flag is set the nocopy optimization is enabled.
- // Where appropriate, this optimization updates the pvStructInfo fields
- // to point to content residing within pbEncoded instead of making a copy
- // of and appending to pvStructInfo.
- //
- // Note, when set, pbEncoded can't be freed until pvStructInfo is freed,
- // because pvStructInfo may still point into it.
- const
- CRYPT_DECODE_NOCOPY_FLAG = $1;
-
- //+-------------------------------------------------------------------------
- // Predefined X509 certificate data structures that can be encoded / decoded.
- //--------------------------------------------------------------------------
- CRYPT_ENCODE_DECODE_NONE = 0;
- X509_CERT = (LPCSTR(1));
- X509_CERT_TO_BE_SIGNED = (LPCSTR(2));
- X509_CERT_CRL_TO_BE_SIGNED = (LPCSTR(3));
- X509_CERT_REQUEST_TO_BE_SIGNED = (LPCSTR(4));
- X509_EXTENSIONS = (LPCSTR(5));
- X509_NAME_VALUE = (LPCSTR(6));
- X509_NAME = (LPCSTR(7));
- X509_PUBLIC_KEY_INFO = (LPCSTR(8));
-
- //+-------------------------------------------------------------------------
- // Predefined X509 certificate extension data structures that can be
- // encoded / decoded.
- //--------------------------------------------------------------------------
- X509_AUTHORITY_KEY_ID = (LPCSTR(9));
- X509_KEY_ATTRIBUTES = (LPCSTR(10));
- X509_KEY_USAGE_RESTRICTION